package com.infomanage.service.syscfg;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.jsp.JspWriter;

import com.infomanage.dao.UserDAO;
import com.infomanage.po.User;
import com.jiuqi.util.ReturnObject;

public class LoginService {

	public static ReturnObject validateLogin(HttpServletRequest request,
			HttpServletResponse response, JspWriter out) {
		ReturnObject ret = new ReturnObject();
		try {
			String username = request.getParameter("username");
			String password = request.getParameter("password");
			if (username == null || username.equals("") || password == null
					|| password.equals("")) {
				ret.SetErrored(true);
				ret.setErrorMessage("用户名或密码不能为空！");
			} else {
				UserDAO dao = new UserDAO();
				User user = dao.findUserByName(username);
				if (user == null) {
					ret.SetErrored(true);
					ret.setErrorMessage("用户不存在！");
				} else {
					if (password.equals(user.getPassword())) {
						request.getSession().setAttribute(com.infomanage.util.Consts.LOGINED_USER, user);
						ret.SetErrored(false);
					} else {
						ret.SetErrored(true);
						ret.setErrorMessage("密码不正确！");
					}
				}
			}
		} catch (Exception e) {
			e.printStackTrace();
		}
		return ret;
	}
}
